Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
Tags
country: Belgium Netherlands
attack-pattern: Data Direct Model Malware - T1587.001 Malware - T1588.001 Tool - T1588.002
Show in Graph
Common Information
Type Value
UUID e289eade-6904-4cf7-bea2-90e27e4d046b
Fingerprint 8e119a4269a69c29
Analysis status DONE
Considered CTI value 0
Text language
Published Feb. 21, 2023, 9 a.m.
Added to db Feb. 21, 2023, 4:22 p.m.
Last updated Sept. 2, 2024, 7:58 p.m.
Headline Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
Title Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
Detected Hints/Tags/Attributes 69/2/0
Source URLs
Redirection Url
Details Source https://securityintelligence.com/posts/direct-kernel-object-manipulation-attacks-etw-providers/
Details Source https://securityintelligence.com/posts/direct-kernel-object-manipulation-attacks-etw-providers/?&web_view=true
URL Provider
Details Provider Source level domain
Details securityintelligence.com securityintelligence.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 163 https://media.cert.europa.eu/rss?type=category&id=Malware&language=en&duplicates=false 2024-08-30 22:08